Sec Note – Telegram
Sec Note
@SecNote
1.41K subscribers
83 photos
5 videos
31 files
155 links
Download Telegram
About
Blog
Apps
Platform
Join
Sec Note
1.41K subscribers
Sec Note
FromaCprojectthroughassemblytoshellcodeHasherezade.pdf
1.3 MB
Write your own shellcode
From a C project through assembly to shellcode Hasherezade


#shellcode
708 viewsedited  
Sec Note
Tracing and Manipulating Anti-Analysis Techniques with DynamoRIO

#debugging #anti_analysis
👾1
779 views
Sec Note
Recovering Metadata from .NET Native AOT Binaries
👾1
757 views
Sec Note
Unveiling Swan Vector APT Targeting Taiwan and Japan with varied DLL Implants
Written by Subhajeet Singha


Unmasking Cronus: How Fake PayPal Documents Deliver Fileless Ransomware via PowerShell


#ttp
822 views
Sec Note
Windows Bug Hunting | COM-pletely Unplanned: A Windows Bug Hunter's Journey to LPE

Methodology

#reverse
#windows
👾2
827 views
Sec Note
Etherhide Technique Using Blockchain as C&C Infrastructure


#c2
796 viewsedited  
Sec Note
Forwarded from Order of Six Angles
Malware Loader Reverse Engineering with IDA Pro

https://www.youtube.com/watch?v=GWJyCF6QM2c
YouTube
Malware Loader Reverse Engineering with IDA Pro (Stream - 06/05/2025)
In this stream we reverse engineered a malware loader with IDA Pro, including its anti-analysis, persistence, COM UAC Bypass, command-line spoofing, C2, process injection, and TCP proxy functionality.

Learn how to reverse engineer malware: https://train…
👾1
909 views
Sec Note
aiya-mmd-book.pdf
31.8 MB
AIYA MMD - means Attack and Introduction or (Android and IOS), start Your Adventure in Mobile Malware Development. also AIYA means AIYA Nurkhankyzy.

https://github.com/cocomelonc/bsprishtina-2024-maldev-workshop/

#mobile
👾4
1K viewsedited  
Sec Note
Obfusk8: C++17-Based Obfuscation Library

Obfusk8 is a lightweight, header-only C++17 library designed to significantly enhance the obfuscation of your applications, making reverse engineering a substantially more challenging endeavor. It achieves this through a diverse set of compile-time and runtime techniques aimed at protecting your code's logic and data.


#obf
942 viewsedited  
Sec Note
Spoofing Call Stacks To Confuse EDRs

Call stacks are an understated yet often important source of telemetry for EDR products. They can provide vital context to an event and be an extremely powerful tool in determining false positives from true positives (especially for credential theft events such as handle access to lsass).


#evasion
905 viewsedited  
Sec Note
Denuvo Analysis

Bypassing Denuvo in Hogwarts Legacy


#drm
👾8
1.64K viewsedited  
Sec Note
Reverse Engineering Call Of Duty Anti-Cheat
monitors hidden syscalls called from call of duty anticheat



Reverse Engineering Integrity Checks in Black Ops 3
👾7
1.01K views
Sec Note
NtSetInformationThread: Disabling ThreadHideFromDebugger

How to do that?

#antidebug
👾3
1.04K viewsedited  
Sec Note
Dark-Kill
A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Callback Routine registering and ZwTerminateProcess


#edr
👾5
1.06K viewsedited  
Sec Note
GameHackingAcademy (1).pdf
27.8 MB
GameHacking.Academy

https://github.com/GameHackingAcademy
👾6
999 viewsedited  
Sec Note
Playbook Hunting Chinese APT

#th
👾3
1.46K views
Sec Note
VTable hooking explanation and example
👾3
868 views
Sec Note
Forwarded from /mdre/
This media is not supported in your browser
VIEW IN TELEGRAM
👾4
969 views
Sec Note
1734722992877.pdf
1 MB
Exploring Kernel Callbacks in Windows for Red Teamers / Developers
1.03K views
Sec Note
Media is too big
VIEW IN TELEGRAM
Callback objects- everything you didn't know

https://codemachine.com/articles/kernel_callback_functions.html

https://youtu.be/lnv4GYKS_jI?si=El4rDdW6bpy1puoM


#edr #windows
👾1
996 views